$ rpki-client -vvf rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.mft File: U05nXomsmsMC9TCid1KM-Bo8UwY.mft (raw, json) Hash identifier: LRC8K0vnqvAK4RpUJ96TGLdPnD35xyRSWokeShWSgLA= Subject key identifier: 7A:04:04:E7:FD:26:67:32:26:2A:A8:8C:54:19:EB:BD:3D:87:50:E9 Authority key identifier: 53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06 Certificate issuer: /CN=A91CC1EB/serialNumber=534E675E89AC9AC302F530A277528CF81A3C5306 Certificate serial: 059A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.mft Manifest number: 0587 Signing time: Wed 30 Apr 2025 22:56:00 +0000 Manifest this update: Wed 30 Apr 2025 22:56:00 +0000 Manifest next update: Wed 07 May 2025 22:56:00 +0000 Files and hashes: 1: U05nXomsmsMC9TCid1KM-Bo8UwY.crl (hash: 46T4CdFFsj/qukmICyeax3nMQX7NJhmHg736T0FnmnQ=) 2: 5C0006B4E1B711EEA6D7F740C4F9AE02.roa (hash: 4jfL7SNWxDFOPvyEexB/Au04m937KqyBQLuHPsEG/BI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.crl rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 07 May 2025 22:55:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1434 (0x59a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CC1EB, serialNumber=534E675E89AC9AC302F530A277528CF81A3C5306 Validity Not Before: Apr 30 22:56:00 2025 GMT Not After : May 7 22:56:00 2025 GMT Subject: CN=6812aa80-c01b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:c6:b2:eb:db:6b:39:c4:08:82:fd:7f:62:65: 3d:15:72:85:3f:9d:8c:d3:af:64:2a:0c:57:76:7e: 5b:26:70:19:4a:f5:1b:db:ce:ab:5b:28:d8:5e:c2: 3f:2c:99:36:a1:28:68:d2:33:aa:e9:2a:0e:10:7e: b1:7f:4e:b7:1d:f8:1d:eb:49:04:e7:9c:74:c7:c8: 98:77:1b:58:08:d3:d8:4d:66:6e:06:3b:87:49:ac: 45:23:d0:44:ce:19:20:f2:a7:68:fa:0d:23:1a:71: 85:e2:e5:49:71:8f:97:35:2a:9e:7a:bc:4f:e8:b2: 0f:06:16:24:88:b3:b7:38:11:04:cf:27:de:db:f7: f4:bf:e4:61:5d:c3:5f:55:b1:1c:ab:7d:7b:82:52: e7:74:a8:44:11:13:cb:ef:17:b9:14:c6:66:d7:21: a1:ca:51:6b:c5:a5:f6:fb:88:f4:77:21:f3:6e:e5: 5f:dc:57:d3:02:70:8e:35:62:f7:66:5f:ef:06:fd: bd:d0:78:3f:2a:a1:9e:3e:bd:24:c9:67:ab:45:84: fe:4a:03:0e:19:44:6b:d3:ee:b5:5b:39:0d:ae:87: cf:ae:80:63:60:cd:00:09:28:f5:db:66:f9:bf:de: 9f:d3:b8:2a:5b:ab:5e:44:be:11:40:2a:cb:fc:aa: 40:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:04:04:E7:FD:26:67:32:26:2A:A8:8C:54:19:EB:BD:3D:87:50:E9 X509v3 Authority Key Identifier: keyid:53:4E:67:5E:89:AC:9A:C3:02:F5:30:A2:77:52:8C:F8:1A:3C:53:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U05nXomsmsMC9TCid1KM-Bo8UwY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CC1EB/AC384AA6DD8211EB958D1C30C4F9AE02/U05nXomsmsMC9TCid1KM-Bo8UwY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:1e:3c:3d:27:69:54:6e:a3:ba:8b:d7:39:02:af:4f:53:78: ae:7a:61:dc:24:02:59:39:1c:ed:02:07:a0:fd:03:06:02:b3: 13:7c:8d:82:bd:a6:79:1a:63:27:1a:d7:2e:63:38:9d:f1:7c: a6:fd:be:23:ce:ff:6a:7b:6c:02:fc:95:99:8c:75:d9:9e:95: 63:8e:b5:fa:63:3b:1c:5c:3f:67:20:5d:22:04:c9:ac:82:73: 66:b5:45:c2:a2:a5:66:0b:24:46:3e:87:aa:ca:04:a1:15:34: d0:81:45:58:01:d8:66:f8:58:29:56:a8:6c:7e:c9:c2:b4:1c: b4:f9:3c:b2:92:d7:04:f8:df:21:dd:01:bd:cc:34:93:99:a0: b7:f5:64:d1:0e:58:1e:d8:69:0d:77:66:de:5d:e1:9d:08:2c: b6:6f:97:fc:d6:ab:7a:af:82:c7:cf:d9:51:e8:a1:8b:78:ca: f7:11:01:df:d2:b8:f4:5f:3b:b3:9d:81:39:f2:80:d1:61:0e: ad:8e:ae:dc:ba:14:21:39:54:93:e1:bf:d8:41:e0:2b:4f:2c: a3:96:96:35:67:70:7b:95:52:b7:1b:a7:82:24:de:61:1b:dd: c4:d6:09:18:4e:b5:40:e5:ae:51:74:48:97:a7:e7:79:ab:6f: 4e:d8:f2:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0MxRUIxMTAvBgNVBAUTKDUzNEU2NzVFODlBQzlBQzMwMkY1MzBBMjc3NTI4Q0Y4 MUEzQzUzMDYwHhcNMjUwNDMwMjI1NjAwWhcNMjUwNTA3MjI1NjAwWjAYMRYwFAYD VQQDEw02ODEyYWE4MC1jMDFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvsay69trOcQIgv1/YmU9FXKFP52M069kKgxXdn5bJnAZSvUb286rWyjYXsI/ LJk2oSho0jOq6SoOEH6xf063Hfgd60kE55x0x8iYdxtYCNPYTWZuBjuHSaxFI9BE zhkg8qdo+g0jGnGF4uVJcY+XNSqeerxP6LIPBhYkiLO3OBEEzyfe2/f0v+RhXcNf VbEcq317glLndKhEERPL7xe5FMZm1yGhylFrxaX2+4j0dyHzbuVf3FfTAnCONWL3 Zl/vBv290Hg/KqGePr0kyWerRYT+SgMOGURr0+61WzkNrofProBjYM0ACSj122b5 v96f07gqW6teRL4RQCrL/KpAQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHoEBOf9 JmcyJiqojFQZ6709h1DpMB8GA1UdIwQYMBaAFFNOZ16JrJrDAvUwondSjPgaPFMG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQzFFQi9BQzM4NEFBNkRE ODIxMUVCOTU4RDFDMzBDNEY5QUUwMi9VMDVuWG9tc21zTUM5VENpZDFLTS1CbzhV d1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1UwNW5Yb21zbXNNQzlUQ2lkMUtNLUJvOFV3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QzFFQi9BQzM4NEFBNkREODIxMUVCOTU4RDFDMzBDNEY5QUUwMi9VMDVuWG9tc21z TUM5VENpZDFLTS1CbzhVd1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChHjw9J2lUbqO6i9c5Aq9PU3iuemHcJAJZORztAgeg/QMGArMTfI2C vaZ5GmMnGtcuYzid8Xym/b4jzv9qe2wC/JWZjHXZnpVjjrX6YzscXD9nIF0iBMms gnNmtUXCoqVmCyRGPoeqygShFTTQgUVYAdhm+FgpVqhsfsnCtBy0+TyyktcE+N8h 3QG9zDSTmaC39WTRDlge2GkNd2beXeGdCCy2b5f81qt6r4LHz9lR6KGLeMr3EQHf 0rj0XzuznYE58oDRYQ6tjq7cuhQhOVST4b/YQeArTyyjlpY1Z3B7lVK3G6eCJN5h G93E1gkYTrVA5a5RdEiXp+d5q29O2PLv -----END CERTIFICATE-----Generated at Thu May 1 17:30:27 2025 by rpki-client